package org.springframework.security.oauth2.client.oidc.userinfo;

import com.nimbusds.oauth2.sdk.ErrorObject;
import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.http.HTTPRequest;
import com.nimbusds.oauth2.sdk.http.HTTPResponse;
import com.nimbusds.oauth2.sdk.token.BearerAccessToken;
import com.nimbusds.openid.connect.sdk.UserInfoErrorResponse;
import com.nimbusds.openid.connect.sdk.UserInfoRequest;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URI;
import java.nio.charset.Charset;
import org.springframework.core.ParameterizedTypeReference;
import org.springframework.http.HttpHeaders;
import org.springframework.http.client.AbstractClientHttpResponse;
import org.springframework.http.client.ClientHttpResponse;
import org.springframework.http.converter.GenericHttpMessageConverter;
import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest;
import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
import org.springframework.security.oauth2.core.OAuth2Error;
import org.springframework.util.Assert;

/* loaded from: input_file:WEB-INF/lib/spring-security-oauth2-client-5.0.0.RC1.jar:org/springframework/security/oauth2/client/oidc/userinfo/NimbusUserInfoResponseClient.class */
final class NimbusUserInfoResponseClient {
    private static final String INVALID_USER_INFO_RESPONSE_ERROR_CODE = "invalid_user_info_response";
    private final GenericHttpMessageConverter genericHttpMessageConverter = new MappingJackson2HttpMessageConverter();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:WEB-INF/lib/spring-security-oauth2-client-5.0.0.RC1.jar:org/springframework/security/oauth2/client/oidc/userinfo/NimbusUserInfoResponseClient$NimbusClientHttpResponse.class */
    public static class NimbusClientHttpResponse extends AbstractClientHttpResponse {
        private final HTTPResponse httpResponse;
        private final HttpHeaders headers;

        private NimbusClientHttpResponse(HTTPResponse hTTPResponse) {
            Assert.notNull(hTTPResponse, "httpResponse cannot be null");
            this.httpResponse = hTTPResponse;
            this.headers = new HttpHeaders();
            this.headers.setAll(hTTPResponse.getHeaders());
        }

        @Override // org.springframework.http.client.ClientHttpResponse
        public int getRawStatusCode() throws IOException {
            return this.httpResponse.getStatusCode();
        }

        @Override // org.springframework.http.client.ClientHttpResponse
        public String getStatusText() throws IOException {
            return String.valueOf(getRawStatusCode());
        }

        @Override // org.springframework.http.client.ClientHttpResponse, java.io.Closeable, java.lang.AutoCloseable
        public void close() {
        }

        @Override // org.springframework.http.HttpInputMessage
        public InputStream getBody() throws IOException {
            return new ByteArrayInputStream(this.httpResponse.getContent().getBytes(Charset.forName("UTF-8")));
        }

        @Override // org.springframework.http.HttpMessage
        public HttpHeaders getHeaders() {
            return this.headers;
        }
    }

    <T> T getUserInfoResponse(OAuth2UserRequest oAuth2UserRequest, Class<T> cls) throws OAuth2AuthenticationException {
        try {
            return this.genericHttpMessageConverter.read2(cls, getUserInfoResponse(oAuth2UserRequest.getClientRegistration(), oAuth2UserRequest.getAccessToken()));
        } catch (IOException e) {
            OAuth2Error oAuth2Error = new OAuth2Error(INVALID_USER_INFO_RESPONSE_ERROR_CODE, "An error occurred reading the UserInfo Success response: " + e.getMessage(), null);
            throw new OAuth2AuthenticationException(oAuth2Error, oAuth2Error.toString(), e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public <T> T getUserInfoResponse(OAuth2UserRequest oAuth2UserRequest, ParameterizedTypeReference<T> parameterizedTypeReference) throws OAuth2AuthenticationException {
        try {
            return (T) this.genericHttpMessageConverter.read(parameterizedTypeReference.getType(), null, getUserInfoResponse(oAuth2UserRequest.getClientRegistration(), oAuth2UserRequest.getAccessToken()));
        } catch (IOException e) {
            OAuth2Error oAuth2Error = new OAuth2Error(INVALID_USER_INFO_RESPONSE_ERROR_CODE, "An error occurred reading the UserInfo Success response: " + e.getMessage(), null);
            throw new OAuth2AuthenticationException(oAuth2Error, oAuth2Error.toString(), e);
        }
    }

    private ClientHttpResponse getUserInfoResponse(ClientRegistration clientRegistration, OAuth2AccessToken oAuth2AccessToken) throws OAuth2AuthenticationException {
        URI create = URI.create(clientRegistration.getProviderDetails().getUserInfoEndpoint().getUri());
        HTTPRequest hTTPRequest = new UserInfoRequest(create, new BearerAccessToken(oAuth2AccessToken.getTokenValue())).toHTTPRequest();
        hTTPRequest.setConnectTimeout(30000);
        hTTPRequest.setReadTimeout(30000);
        try {
            HTTPResponse send = hTTPRequest.send();
            if (send.getStatusCode() == 200) {
                return new NimbusClientHttpResponse(send);
            }
            try {
                ErrorObject errorObject = UserInfoErrorResponse.parse(send).getErrorObject();
                StringBuilder sb = new StringBuilder();
                sb.append("An error occurred while attempting to access the UserInfo Endpoint -> ");
                sb.append("Error details: [");
                sb.append("UserInfo Uri: ").append(create.toString());
                sb.append(", Http Status: ").append(errorObject.getHTTPStatusCode());
                if (errorObject.getCode() != null) {
                    sb.append(", Error Code: ").append(errorObject.getCode());
                }
                if (errorObject.getDescription() != null) {
                    sb.append(", Error Description: ").append(errorObject.getDescription());
                }
                sb.append("]");
                OAuth2Error oAuth2Error = new OAuth2Error(INVALID_USER_INFO_RESPONSE_ERROR_CODE, sb.toString(), null);
                throw new OAuth2AuthenticationException(oAuth2Error, oAuth2Error.toString());
            } catch (ParseException e) {
                OAuth2Error oAuth2Error2 = new OAuth2Error(INVALID_USER_INFO_RESPONSE_ERROR_CODE, "An error occurred parsing the UserInfo Error response: " + e.getMessage(), null);
                throw new OAuth2AuthenticationException(oAuth2Error2, oAuth2Error2.toString(), e);
            }
        } catch (IOException e2) {
            throw new AuthenticationServiceException("An error occurred while sending the UserInfo Request: " + e2.getMessage(), e2);
        }
    }
}
